Dynamic feedback bit-level image privacy protection based on chaos and information hiding

Bit is the most basic unit of a digital image in the spatial domain, and bit-level encryption is regarded as an important technical means for digital image privacy protection. To address the vulnerability of image privacy protection to cryptographic attacks, in this paper, a bit-level image privacy protection scheme using Zigzag and chain-diffusion is proposed. The scheme uses a combination of Zigzag interleaving scrambling with chaotic sequences and chain-diffusion method images are encrypted at each bit level, while using non-sequential encryption to achieve efficient and secure encryption. To balance security and efficiency, the encryption strategy for each bit layer is weighted. The chaos-based sequences used for encryption depend on the previous hash value, thus the effect of chain-diffusion is achieved. To further enhance the encryption effect, a non-sequential encryption technique by non-linearly rearranging the bit cipher image is employed, so that the attacker cannot crack the protection scheme by analyzing the encrypted image. The ciphertext image hidden by discrete wavelet transform (DWT) also provides efficient encryption, higher level of security and robustness to attacks. This technology provides indistinguishable secret data embedding, making it difficult for attackers to detect or extract hidden information. Experimental results show that this scheme can effectively protect the confidentiality of the image and can resist various common cryptographic attacks. The scheme proposed in this paper is a preferred digital image privacy protection technology, so it has broad application prospects in image secure transmission occasions.

and the color-coded image is obtained through RNA dynamic encoding and other operations.The results of the experiment demonstrate that the encryption algorithm exhibits outstanding encryption effectiveness and security performance in the face of different attacks.From a security perspective, existing bit-level chaotic encryption algorithms need further improvement, mainly because (1) the present algorithms are susceptible to chosen-plaintext attacks or chosen-ciphertext attacks as the key employed for generating chaotic sequences lacks correlation with the original image; (2) the granularity of encryption units of existing algorithms is coarse; (3) existing bit planes decomposition algorithms do not consider the correlation between each sliced plane after decomposition.Within the current realm of research on chaotic image encryption, the performance of chaos and algorithms significantly influences the security and efficiency of cryptographic systems.It is imperative and pressing to investigate a novel image encryption algorithm that relies on chaotic mapping construction to withstand various illicit attacks.
In this research paper, we present a Zigzag and chain-diffusion scheme for Bit-level image privacy protection.Our experimental findings demonstrate the algorithm's outstanding performance in encryption, with good efficiency and the ability to withstand various unauthorized attacks on image encryption.The main innovations and contributions of this paper are as follows: (A) The image encryption method using Discrete Wavelet Transform (DWT) involves efficient encryption, heightened security, and resistance against attacks.This technique makes embedded secret data indistinguishable, challenging for attackers to detect or extract.Additionally, DWT-based hiding ensures the integrity of hidden data even under common attacks like noise addition or compression.In conclusion, DWT hiding is an effective approach for securely protecting sensitive information in images while preserving their visual quality.(B) The existing image encryption algorithms are not structured rationally enough, which leads to their insufficient security against plaintext-type attacks.For this reason, this color image encryption algorithm proposes a plaintext and intermediate ciphertext association mechanism and also adopts chain diffusion to effectively enhance the resistance to cryptographic attacks.(C) Pixel-level image encryption is so coarse in granularity that it is not secure enough, and traditional bit-level encryption is too complex to meet the efficiency requirements.To cope with these challenges, this paper proposes a new strategy.We adopt an elastic processing unit in the weighted bit plane, which effectively balances the tension between security and efficiency.(D) Many of the existing encryption methods rely on pixel-level encryption, which leads to relatively weak encryption granularity, and pixel-level scrambling poses certain security risks.For the encryption of color images, we adopt a bit-level encryption strategy and further enhance the security of the encryption algorithm using forward-and-backward XOR and Zigzag interleaving scrambling.The experimental results show that this algorithm has a significant security improvement.
The rest of the paper is organized as follows: "Relevant theories" briefly describes the bit plane decomposition of chaotic systems as well as non-sequential encryption algorithms."The proposed encryption algorithm" presents the encryption algorithm designed in this paper."Analysis and discussion of experimental results" gives experimental and simulation results.The last section concludes the paper.

Relevant theories HLSE chaotic system
This paper uses a HLSE chaotic system 78 .The specific equation is expressed as follows: where mod denotes the modulo operation, γ denotes the control parameter, whose range is (0,∞ ), x(0) denotes the initial value, x(n) denotes the generated chaotic sequence, whose range is (0,1), at the same time, the system will have chaotic characteristics when γ>3.

Discrete wavelet transform
The discrete wavelet transform (DWT) is a powerful mathematical tool used in signal processing and image compression.It decomposes a signal or an image into different frequency components, allowing for both time and frequency domain analysis.DWT is widely applied in various fields, including image processing, data compression, and denoising.The wavelet transform operates by iteratively refining the signal across multiple scales, achieving this through a series of scaling and translation operations.This progressive refinement process culminates in a remarkable outcome: a high-frequency time division and a low-frequency frequency division of the signal.This unique characteristic enables the wavelet transform to automatically adapt to the intricate demands of time-frequency signal analysis.The schematic diagram of the image wavelet decomposition is shown in Fig. 1.The (DWT) can be represented by the following formula: where W(a, b) represents the transformed coefficient, with a and b denoting the scale and translation parameters, respectively.These parameters are utilized to control the shape and position of the wavelet function.x(n)

The proposed encryption algorithm
To solve the existing problems, this paper proposes an image encryption scheme based on chain encryption with image bit-level layering, thus improving the efficiency and security of the encryption algorithm and at the same time has a certain ability to resist cryptographic attacks.The details of the specific encryption algorithm are shown in the following Fig. 3.

Chaotic initial value confusion and sequence preprocessing
In this section, the association between plaintext and ciphertext is realized using the hash MD5 function, which can effectively improve the algorithm's ability to resist the chosen plaintext attack and the chosen ciphertext attack because of its unidirectional and collision-proof properties.Meanwhile, in cryptography, the original chaotic sequence initially generated cannot be directly used as an encryption tool and needs to be manipulated www.nature.com/scientificreports/by mathematical methods to preserve its chaotic properties and make each of its values fall within the interval required by the algorithm.Finally, the two chaotic sequences obtained by processing are represented by S 1 and S 2 .

Chain diffusion function
The Step 2: Zigzag interleaved scrambling.The initial encrypted image C 1 is disrupted by Zigzag interleaved scrambling to get the image C 2 .For the scanning process, the first element in the upper left corner of the original encrypted image C 1 of size H × W is selected as the starting point.Then, the first scanning is performed until the H×W 2 -th element is scanned and each scanned element is integrated into array V 1 .Similarly, the lower half is scanned starting from the first element in the lower right corner, and each scanned element is integrated into array V 2 .and it will be reconstructed into a new matrix C 2 , which size of H × W , in an interleaved.
It can be seen from step 1 that the forward XOR diffusion starts from the upper left corner to the lower right corner.Similarly, the backward XOR diffusion starts from the lower right corner to the upper left corner.After the above 2D backward XOR diffusion, the encrypted image P is obtained.

The proposed image privacy protection algorithm
Encryption algorithm section This section proposes a multi-bit hierarchical and chained encryption image encryption scheme based on image features.Taking the encrypted image with size of H × W as an example, the schematic diagram and encryption steps of the algorithm are shown in Fig. 4.
Step 1: Decompose bit plane.After input the image Q and splitting it according to the three channels R, G, B, three grayscale images Q R , Q G and Q B are obtained, which are respectively subjected to bit plane layering with the following equations: where the bitget(P, k) function denotes the return of the bit value of the k-th layer in P, Q Rk , Q Gk Q Bk denotes the image obtained after layering Q R , Q G , Q B , and k denotes the k-th bit plane, k = [1, 2, 3, . . ., 7, 8] .On this basis, the R-channel is used as an example to generate eight layered images the G-channel and B-channel operations are the same as the R-channel.
To facilitate the decryption operation by the receiver, the hash value of the original image needs to be stored in the first row of the layered image Q R1 .It is worth noting that, as shown in the analysis in "Bit plane decompo- sition", the first layer after bit plane layering contains very little information.Taking an image of size 256 × 256 as an example, the proportion of feature values in the original image is only 0.000586%.Even if the decrypted image is enlarged, it is difficult to observe the difference with the naked eye.
The encrypted ciphertext image C R5 is reprocessed to obtain key 5 , which is used for the next round of encryp- tion.The formula is as follows: Step 4: Encrypt layers 6-8.Images Q R6 , Q R7 , Q R8 are processed in the same way as Step 3, with the formulas shown below: Step 5: Encrypt layers 1-4.For the low-order bit plane, which contains only a small amount of image information, the same key sequence will be used to perform the encryption operation on these four layers.Similarly, the C R8 eigenvalue is obtained and processed to obtain key 8 .The encryption of these four layers can be expressed as: Step 6: Composite bit plane.The encrypted image C R1 , C R2 , C R3 , C R4 , C R5 , C R6 , C R7 , C R8 is subjected to layers synthesis with the following formula: where C R denotes the final ciphertext image of the R-channel after reduction.
Similarly, the ciphertext image C G , C B can be obtained after chain encryption of the G-channel and B-channel, the ciphertext image C can be obtained after three-channel reduction.
In order to achieve the diffusion characteristics of encryption algorithms, most image encryption algorithms adopt the method of changing the current pixel from the previous pixel.However, using fixed order pixel processing may reduce encryption performance and provide attackers with a large amount of information.To solve this problem, we adopted a non sequential encryption algorithm that uses random and secret access mechanisms to process pixels.The processing order is determined by the generated chaotic sequence.As a result, each pixel may be influenced not only by pixels within the same color plane but also by pixels from different color planes.The encryption and decryption operations are as follows:

Bit plane7
Bit plane8 where mod denotes the modulo operation, P is the input color image, A is the chaos matrix generated from the chaotic sequence and F denotes the number of pixel values in each color image P. The encryption step has been completely completed and the final ciphertext has been obtained.

Embedding a mask image
To convert a random ciphertext image into a meaningful output image, a DWT is used in the proposed of the proposed encryption scheme.The masking of the new image onto the ciphertext image according to the following steps: 1. Take a mask image having meaningful information of size 2M × 2N × 3. 2. Apply DWT to each color component of a mask image and extract four frequency sub-bands.3. Now, split each pixel value of the pre-ciphertext image into its groups: (a) LSB-group and (b) MSB-group.For example, a pixel value having a grayscale value equal to 152 ( Gray dec = 152), its binary version will be Gray bin = 10011000.The LSB and MSB group of the binary value will be G 1 = 1001 and G 2 = 1000, respectively.4. Similarly, step 3 will be repeated for each pixel until it reaches position (M, N) for each color component.
5. The extracted high-frequency sub-bands (HL and HH) will be replaced with the two binary groups (L − GandM − G). 6.After replacing the sub-bands, take the inverse DWT(IDWT) to restore the original mask image ( I R mask ).
This I R mask image will be transmitted as a meaningful encrypted image.The block diagram of the proposed embedding process is displayed in Fig. 5.

Decryption algorithm section
Decryption can be regarded as the inverse process of encryption, where the final ciphertext image is first decrypted in a non-sequential manner and then the ciphertext image The specific operation steps are shown in the following Fig. 6.Take the R-channel as an example, perform bit plane layering to obtain 8-bit planes , the G-channel and B-channel operate the same.Extract the original image feature values stored in the first row of the bit-plane layering and process them to obtain key 1 .The encrypted image of the fifth plane can be decrypted and the image is obtained Q R5 .The obtained image is continued to be used for decryption until eight plaintext images after bit-plane layering are obtained, and finally, the initial plaintext image P is obtained.

Experimental environment
The proposed algorithm was validated on a PC host computer equipped with MATLAB R2023a experimental software.The PC is equipped with an 11th Gen Intel Core i7-11800H CPU operating at 2.30 GHz.The PC has 32 GB of RAM.The image data selected for the experiments are from the standardized test image database USC-SIPI.

Statistical analysis
Histogram analysis Histograms display statistical information about an image, visualizing the distribution of individual values in the image.The histograms of plaintext images exhibit distinct statistical patterns, and attack schemes that target statistical patterns are known as statistical analysis attacks.We compute and plot the histograms of the original image and the ciphertext.Figure 7a depicts the selection of six plaintext images with various sizes, which are then encrypted to generate the corresponding ciphertext images illustrated in Fig. 7c.The histograms of the images before and after encryption and decryption are presented in Fig. 7b,f, respectively.The histograms of the plaintext images show certain statistical regularity, while the encrypted images show a noise-like distribution, and the statistical properties of the histograms show a uniform distribution.This well hides the key information of the image, thus demonstrating the ability of the proposed algorithm to resist statistical analysis attacks.

Adjacent pixel correlation analysis
Usually, plaintext images have pixels with high neighborhood correlation and exhibit a statistical property.And a good encryption algorithm should make the encrypted image achieve de-correlation between its neighboring pixels.
We calculated and compared the correlation between adjacent pixels in both the plaintext and ciphertext images.This was achieved through the following steps.Initially, 3000 pairs were randomly selected of adjacent pixel coordinates from both the plaintext and ciphertext images.Subsequently, we calculate the correlation www.nature.com/scientificreports/coefficients for adjacent pixels in the horizontal, vertical, and diagonal, as well as the antidiagonal directions.
The correlation coefficients are calculated using the following formula: where x i and y i constitute the i pair of horizontal/vertical/diagonal/antidiagonal neighboring pixels and M is the total number of horizontal/vertical/diagonal/antidiagonal neighboring pixels.The adjacent pixel correlation data of the encrypted image is shown in Fig. 8 and Table 1.From the experimental data, the correlation coefficient of the plaintext image is close to 1, while the correlation coefficient of the ciphertext image is approximately equal to 0. This indicates that the proposed encryption scheme generates images with de-correlated neighboring pixels.Therefore, the proposed scheme in this paper is secure against statistical attacks.

Differential statistical analysis
The number-of-pixels change rate (NPCR) and uniform average change intensity (UACI) are frequently employed to assess the resilience of cryptosystems against performance differential attacks.Typically, an attacker modifies the original image by introducing small alterations and subsequently encrypts both the original image and the modified version using the proposed algorithm.This allows the attacker to examine the correlation between the plaintext image and the ciphertext image through a differential attack.To evaluate the resistance of the proposed algorithm against differential attacks, we calculated and compared the NPCR and UACI values using the following formulas: where H × W is the size of the image, v 1 and v 2 are the ciphertext image before and after the plaintext image is changed by one pixel respectively.D can be defined by the following equation: The results of the algorithm, calculated using Eq. ( 15), are presented in Table 2.The analysis of Table 2 reveals that NPCR and UACI closely approximate their ideal values of 99.6% and 33.4%, respectively.

Information entropy analysis
The concept of information entropy quantifies the level of randomness or uncertainty inherent in an information source.A higher value of information entropy indicates a greater degree of uncertainty in the information source, making it more challenging for the proposed algorithm to predict or decipher the information.The information entropy H(m) of an information source m is computed using the following equation:  where M is the total number of symbols m(i) ∈ m , p(m i ) denotes the probability of a symbol.Assuming that the source sends 256 symbols and that we can obtain the theoretical value H(m) = 8 by using Eq.(17).The closer it is to 8, the less likely it is for an attacker to decode the cryptographic image.Table 3 shows the comparison of information entropy.From Table 3, we can see that the experimental results are close to 8, so the proposed algorithm has good information entropy properties.

Image quality analysis
Peak signal-to-noise ratio (PSNR) and structural similarity (SSIM) are commonly used in the image processing field as a tool to weigh the quality of encryption.The mean square error (MSE) is part of PSNR and is defined as: where MSE denotes the mean square error of the plaintext image X and the ciphertext image Y, the height and width of the image are denoted by H and W, respectively, and Q denotes the pixel level of the image.SSIM is a measure of the similarity of two images and is defined as where µ X , µ Y denotes the mean value of image X and Y respectively, σ X , σ Y denotes the standard deviation of image X and Y respectively, and L denotes the dynamic range of the pixel values.The values of PSNR and SSIM are calculated using Eqs.( 18) and (19) as shown in Table 4.The value of PSNR of an encrypted image should be around 30 dB, and the range of SSIM should be − 1 to 1.The closer the image is, the closer the absolute value of SSIM is to 1, so the value of SSIM should be above and below 0 after encryption.

Key space analysis
In cryptosystems, the easiest way to break the key is a brute force attack.Therefore, if the key space of the proposed algorithm is larger, the more difficult it is for the attacker to break the proposed algorithm by brute force attack.The size of the key space depends on the length of the security key, and it is one of the important factors to ensure the security of the cryptosystem.The chaotic system used in the image encryption algorithm designed ( 17) www.nature.com/scientificreports/ in this paper, its key space can be expressed as S ∈ {γ , MD5} , where γ is the key parameter with an accuracy of 10 −16 and MD5 is the hash value introduced to augment the key space, which produces a hash of 128 bits.The size of the key space of this encryption scheme is calculated to be about 10 16 × 2 128 ≈ 2 181 and the key length reaches 181 bits.It can be seen from Table 5 that compared with other existing encryption schemes, the key space of this paper has obvious advantages.

Sensitivity analysis
In this section, the sensitivity performance of the algorithm is analyzed in terms of the sensitivity of the key and plaintext, respectively.A secure algorithm should be highly sensitive, which means that if there is a slight change in the key or plain image information during encryption or decryption, the correct result cannot be obtained.

Key sensitivity analysis
It is a property that good cryptosystems should have that the key used does not yield the correct ciphertext even if there is a small difference.In this section, we compare the differences between the ciphertexts obtained by encrypting with the correct key and the slightly changed keys ( +10 −12 , +10 −13 , +10 −14 , +10 −15 ).The difference between them is derived by calculating NPCR and UACI, where NPCR and UACI are calculated as shown in Eq. ( 15).The results are shown in Table 6 and Figs. 9 and 10, where we can find that the average values of NPCR and UACI are 99.6108% and 33.4707% respectively when the perturbation is added to the key.This indicates that the difference between the two cipher images is very large.Hence the proposed algorithm in this paper has good encryption results.

Analysis of plaintext sensitivity
In good encryption algorithms, even a small change in the plaintext image can make the encrypted ciphertext image look very different from the ciphertext encrypted from the unchanged plaintext image.If the proposed algorithm does not have this ability, it is very easy for an attacker to break the algorithm by analyzing the correlation between the plaintext image and the ciphertext image.Therefore, the plaintext image sensitivity of an algorithm is the key to its resistance to plaintext image attacks.In this section, we analyze the sensitivity of the proposed algorithm to plaintext images by adding 1 to the pixel values of plain images at (H/4, W/4), (H/4, W × 2/4), (H × 2/4, W/4), and (H × 2 /4, W × 2/4) to compute the NPCR and UACI. the results are shown in Table 7 and Figs.11 and 12. Table 7 demonstrates that when pixel values change by 1 at specific locations, the average NPCR between the corresponding ciphertext images and the original ciphertext images approximate the ideal value of 99.6%.Additionally, the average UACI value closely resembling the ideal value of 33.4%.These results signify a prominent alteration in the cryptographic image and render the algorithm robust against plaintext attacks.www.nature.com/scientificreports/

Execution time analysis
This research aimed to assess the performance of the proposed encryption algorithm concerning image encryption across various sizes.Four sets of images were chosen, sized at 64 × 64 , 128 × 128 , 256 × 256 , and 512 × 512 pixels, respectively.Table 8 illustrates the average runtime for encryption across different image sizes.The intent was to highlight the encryption performance of the algorithm across varying image dimensions using intuitive visualizations.

Robustness analysis
Robustness measures whether the algorithm can effectively withstand interferences, safeguarding the image content from damage or leakage.In practical applications, images may encounter diverse interferences, making a thorough analysis and evaluation of encryption algorithms against these interferences significantly crucial.In this section, we have selected salt and pepper noise and clipping attack as the subjects of study to explore their impact on image encryption algorithms.

Salt and pepper noise analysis
Noise attacks represent an alternative method for manipulating images, involving the application of statistical techniques to alter specific points within the image.These alterations are often subtle and challenging to detect.Therefore, an effective image encryption algorithm should demonstrate robust resilience against noise attacks.In this study, salt and pepper noise is utilized as the attacking method, as depicted in Fig. 13.The research findings indicate that the encryption algorithm exhibits substantial resistance against noise attacks.

Size
Ours Ref. 84 Ref. 85 Ref. 86  decryption.As shown in Fig. 14, the encryption algorithm demonstrates robust resilience against clipping attacks.Even when the clipping ratio reaches 1/4, the primary content of the image remains visible.

Conclusion
This paper proposes a bit-level image privacy protection scheme using Zigzag and chain-diffusion, it can enhance the ability of image privacy protection scheme to resist password attacks.The scheme adopts the strategy of encryption by weight for each bit layer and designs a chain diffusion method of Zigzag interleaving scrambling with hash value plaintext association.At the same time, non-sequential encryption is adopted to achieve efficient and secure encryption effect.To improve security performance, we introduce a hash-generated chaotic sequence to encrypt each bit layer.The generation of chaotic sequences depends on the hash value of the previous bit, which ensures that the encryption process of each bit layer is independent.Finally, we use a non-sequential encryption technique to non-linearly rearrange the bit ciphertext image, which further enhances the encryption effect.Each encryption module adopts the forward plaintext feedback encryption mechanism, which effectively enhances the avalanche effect of the cipher.The results show that the scheme has robustness and significant diffusion properties and can successfully resist various common cipher attacks.The scheme proposed in this paper combines the features of digital images layered by bit with different visual weights and both considers the security and efficiency of image privacy protection, and thus is a preferred technical solution.Especially in the context of big data era, the technical scheme has potential practical application value.
specific operational details of each plane in this paper are defined as a custom function C = Chain_encrypt(I, key) , where I denotes the input plaintext image, C denotes the output ciphertext image, and key denotes the initial key of the chaotic sequence required to encrypt the next image.The function consists of three parts: 2D forward XOR diffusion, Zigzag interleaving scrambling, and 2D backward XOR diffusion.The specific operations are shown below: Step 1: 2D forward XOR diffusion.The generated chaotic sequence S 1 is reconstituted into a chaotic matrix of size H × W , where m = [1, 2, 3, . . ., H], n = [1, 2, 3, . . ., W] .The specific input image I is encrypted as follows: where i = [2, . . ., H], j = [2, . . ., W] .After the above 2D forward XOR diffusion, a preliminary encrypted image C 1 is obtained.

Figure 3 .
Figure 3. Flow chart of encryption algorithm.

Figure 4 .
Figure 4. Flow chart of specific steps for encryption.

Table 1 .
Comparison results of correlation coefficients of adjacent pixels.

Table 5 .
Key space comparison.

Table 6 .
Clipping attack analysisDuring communication, if signal interception occurs, the transmitted ciphertext might be tampered with.To prevent such scenarios, ciphertexts should possess strong resistance against clipping attack.We conducted clipping attack at rates of 1/16, 1/8, and 1/4 at different positions, and used the resulting clipped ciphertexts for Test results of key sensitivity.Test values of NPCR after different keys are perturbed.Test values of UACI after different keys are perturbed.

Table 8 .
The encryption times of different algorithms (unit: s).